The Revolver Rabbit cybercriminal gang has registered over 500,000 domain names for infostealer campaigns targeting Windows and macOS systems. They utilize registered domain generation algorithms (RDGAs) to rapidly register multiple domains at once.
Grype is an open-source vulnerability scanner for container images and filesystems that works with Syft to detect vulnerabilities in major operating system and language-specific packages like Alpine, Debian, Ruby, Java, Python, and more.
The malware’s driver was signed by Microsoft but attributed to a suspicious Chinese company, Hubei Dunwang Network Technology Co., Ltd. The company exploited Microsoft’s driver code-signing requirements to obtain an Extended Verification certificate.
The Cybersecurity and Infrastructure Security Agency (CISA) has appointed new leaders to its cybersecurity division and stakeholder engagement role to enhance national cyber defenses and foster collaboration between the public and private sectors.
APT41, a China-based hacking group, has targeted organizations in shipping, logistics, media, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. since 2023.
The attacks, linked to a group called OilAlpha, involved malicious mobile apps and targeted CARE International, Norwegian Refugee Council (NRC), and Saudi Arabian King Salman Humanitarian Aid and Relief Centre.
The Play ransomware group has introduced a Linux variant that targets ESXi environments. This variant verifies its environment before executing and has been successful in evading security measures.
Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.
The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC).
According to Crunchbase data, cybersecurity funding reached a two-year high in Q2 of 2024, with venture capitalists investing $4.4 billion in startups, the strongest quarter since 2022. This marked a 144% increase from the previous year.